﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;

namespace 登陆练习1
{
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
        }

        private void IncreaseErrorTimes()
        {
            string SqlStr = @"Data Source=.; Initial Catalog=Mydb_1;User ID=sa;Password=13817995048";
            using (SqlConnection conn = new SqlConnection(SqlStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = "update T_Users set ErrorTimes = ErrorTimes+1 where Username=@UserName";
                    cmd.Parameters.Add(new SqlParameter("UserName",txtUserName.Text));
                    cmd.ExecuteNonQuery();
                }
            }
        }

        private void ResetErrorTimes()
        {
            string SqlStr = @"Data Source=.; Initial Catalog=Mydb_1;User ID=sa;Password=13817995048";
            using (SqlConnection conn = new SqlConnection(SqlStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = "update T_Users set ErrorTimes = 0 where Username = @UserName";
                    cmd.Parameters.Add(new SqlParameter("UserName",txtUserName.Text));
                    cmd.ExecuteNonQuery();
                }
            }
        }

        private void button1_Click(object sender, EventArgs e)
        {
            string SqlStr = @"Data Source=.; Initial Catalog=Mydb_1;User ID=sa;Password=13817995048";
            using (SqlConnection conn = new SqlConnection(SqlStr))
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = "select * from T_Users where UserName=@un";
                    cmd.Parameters.Add(new SqlParameter("un", txtUserName.Text));
                    using (SqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            int errorTimes = reader.GetInt32(reader.GetOrdinal("ErrorTimes"));
                            if (errorTimes > 3)
                            {
                                MessageBox.Show("登陆次数过多，请稍后再登！");
                                return;
                            }
                            string dbPsw = reader.GetString(reader.GetOrdinal("Password"));
                            if (txtPassword.Text == dbPsw)
                            {
                                MessageBox.Show("登陆成功！");
                                ResetErrorTimes();
                            }
                            else
                            {
                                IncreaseErrorTimes();
                                MessageBox.Show("密码错误！");
                            }
                        }
                        else
                        {
                            MessageBox.Show("登陆失败！");
                        }
                    }
                }
            }
        }
    }
}
